From 954a4dc8ef40fbecf369587b796e0d5b42e481da Mon Sep 17 00:00:00 2001
From: Robert Habermeier
Date: Tue, 23 Jan 2018 17:21:20 +0100
Subject: [PATCH] clean up some unsafety in `Slicable`
---
 substrate/primitives/src/hashing.rs | 12 ++++++------
 .../wasm-runtime/polkadot/src/codec/slicable.rs | 11 ++++++-----
 .../wasm-runtime/polkadot/src/support/primitives.rs | 10 +++++-----
 .../wasm-runtime/polkadot/src/support/storable.rs | 2 +-
 4 files changed, 18 insertions(+), 17 deletions(-)
diff --git a/substrate/primitives/src/hashing.rs b/substrate/primitives/src/hashing.rs
index f82ec7ef8b..e1a4f84a99 100644
--- a/substrate/primitives/src/hashing.rs
+++ b/substrate/primitives/src/hashing.rs
@@ -20,37 +20,37 @@ use blake2_rfc;
 use twox_hash;
 /// Do a Blake2 512-bit hash and place result in `dest`.
-pub fn blake2_512_into(data: &[u8], dest: &mut[u8; 64]) {
+pub fn blake2_512_into(data: &[u8], dest: &mut [u8; 64]) {
 dest.copy_from_slice(blake2_rfc::blake2b::blake2b(64, &[], data).as_bytes());
 }
 /// Do a Blake2 512-bit hash and return result.
 pub fn blake2_512(data: &[u8]) -> [u8; 64] {
- let mut r: [u8; 64] = unsafe { ::std::mem::uninitialized() };
+ let mut r = [0; 64];
 blake2_512_into(data, &mut r);
 r
 }
 /// Do a Blake2 256-bit hash and place result in `dest`.
-pub fn blake2_256_into(data: &[u8], dest: &mut[u8; 32]) {
+pub fn blake2_256_into(data: &[u8], dest: &mut [u8; 32]) {
 dest.copy_from_slice(blake2_rfc::blake2b::blake2b(32, &[], data).as_bytes());
 }
 /// Do a Blake2 256-bit hash and return result.
 pub fn blake2_256(data: &[u8]) -> [u8; 32] {
- let mut r: [u8; 32] = unsafe { ::std::mem::uninitialized() };
+ let mut r = [0; 32];
 blake2_256_into(data, &mut r);
 r
 }
 /// Do a Blake2 128-bit hash and place result in `dest`.
-pub fn blake2_128_into(data: &[u8], dest: &mut[u8; 16]) {
+pub fn blake2_128_into(data: &[u8], dest: &mut [u8; 16]) {
 dest.copy_from_slice(blake2_rfc::blake2b::blake2b(16, &[], data).as_bytes());
 }
 /// Do a Blake2 128-bit hash and return result.
 pub fn blake2_128(data: &[u8]) -> [u8; 16] {
- let mut r: [u8; 16] = unsafe { ::std::mem::uninitialized() };
+ let mut r = [0; 16];
 blake2_128_into(data, &mut r);
 r
 }
diff --git a/substrate/wasm-runtime/polkadot/src/codec/slicable.rs b/substrate/wasm-runtime/polkadot/src/codec/slicable.rs
index a013abb998..2dfc2db49f 100644
--- a/substrate/wasm-runtime/polkadot/src/codec/slicable.rs
+++ b/substrate/wasm-runtime/polkadot/src/codec/slicable.rs
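Review bot: The doc comments on `blake2_512_into` and its 256- and 128-bit siblings do not say the digest is unkeyed; the `&[]` passed as the second argument to `blake2_rfc::blake2b::blake2b` is the key, so these are plain hashes and must not be reached for where a keyed MAC is intended. A one-line doc fix makes that explicit, e.g. `/// Unkeyed Blake2b-512 of `data`, written into `dest` (a digest, not a MAC).`, with matching wording on the other two `_into` functions and their by-value wrappers. Replacing `mem::uninitialized` with `[0; N]` is sound here because `copy_from_slice` overwrites every byte of `r` before it is returned, but stating the unkeyed property is the caveat a caller actually needs.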
@@ -34,7 +34,7 @@ pub trait Slicable: Sized {
 fn to_vec(&self) -> Vec {
 self.as_slice_then(|s| s.to_vec())
 }
- fn set_as_slice bool>(set_slice: F) -> Option;
+ fn set_as_slice bool>(set_slice: F) -> Option;
 fn as_slice_then R>(&self, f: F) -> R {
 f(&self.to_vec())
 }
@@ -44,10 +44,11 @@ pub trait Slicable: Sized {
 /// Trait to mark that a type is not trivially (essentially "in place") serialisable.
 pub trait NonTrivialSlicable: Slicable {}
-impl Slicable for T {
- fn set_as_slice bool>(fill_slice: F) -> Option {
+// note: the copy bound and static lifetimes are necessary for safety of `set_as_slice`.
+impl Slicable for T {
+ fn set_as_slice bool>(fill_slice: F) -> Option {
 let size = mem::size_of::();
- let mut result: T = unsafe { mem::uninitialized() };
+ let mut result: T = unsafe { mem::zeroed() };
 let result_slice = unsafe {
 let ptr = &mut result as *mut _ as *mut u8;
 slice::from_raw_parts_mut(ptr, size)
@@ -77,7 +78,7 @@ impl Slicable for Vec {
 fn from_slice(value: &[u8]) -> Option {
 Some(value[4..].to_vec())
 }
- fn set_as_slice bool>(_fill_slice: F) -> Option {
+ fn set_as_slice bool>(_fill_slice: F) -> Option {
 unimplemented!();
 }
 fn to_vec(&self) -> Vec {
diff --git a/substrate/wasm-runtime/polkadot/src/support/primitives.rs b/substrate/wasm-runtime/polkadot/src/support/primitives.rs
index 76859375f8..ea94c03190 100644
--- a/substrate/wasm-runtime/polkadot/src/support/primitives.rs
+++ b/substrate/wasm-runtime/polkadot/src/support/primitives.rs
@@ -76,7 +76,7 @@ impl Slicable for Header {
 })
 }
- fn set_as_slice bool>(_fill_slice: F) -> Option {
+ fn set_as_slice bool>(_fill_slice: F) -> Option {
 unimplemented!();
 }
@@ -122,7 +122,7 @@ impl Slicable for Transaction {
 })
 }
- fn set_as_slice bool>(_fill_slice: F) -> Option {
+ fn set_as_slice bool>(_fill_slice: F) -> Option {
 unimplemented!();
 }
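Review bot: `set_as_slice` has no doc comment even though it is the trait's only entry point backed by `unsafe` code: the generic impl further down builds a `T` in place from whatever bytes the closure writes, while the `Header`, `Transaction`, `UncheckedTransaction`, `Block` and `Vec` impls touched by this patch are all `unimplemented!()`, so nothing at the signature tells a caller which types it may be used with. Suggest adding, above the `+` line, `/// Build a value in place by letting `set_slice` fill its raw byte representation; presumably yields `None` when the closure reports failure (the generic impl's return is outside this hunk). Only fixed-size, trivially-copyable types support this — the other impls in this crate panic.`. The `Slicable` trait starts before and ends after the hunk, and the generic bounds on `F` appear to have been stripped in this rendering, so the exact signature cannot be checked here.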
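Review bot: The `Copy + 'static` bound the new comment leans on does not make `mem::zeroed()` or the byte-fill that follows sound: `&'static u8`, `bool`, `char` and field-less enums are all `Copy + 'static`, yet zeroing a reference is immediate undefined behaviour and letting `fill_slice` copy arbitrary storage bytes into a `bool`, `char` or reference lets on-chain data forge an invalid value (or a pointer) inside the runtime. The property actually required is that every bit pattern of `size_of::<T>()` bytes is a valid, padding-free `T`, which no safe bound expresses, so it belongs in an explicit `unsafe` marker trait implemented only for the fixed-width integer types, with the generic impl bounded on that trait as sketched below and the `// note:` comment rewritten to say why the marker is unsafe to implement. The generic bounds on the `impl` line appear to have been lost in this rendering, and `set_as_slice` continues past the hunk, so the `fill_slice` call and the return are not visible here.
```rust
/// Marker for types whose every byte pattern is a valid value and which contain no
/// padding, references, pointers, `bool`s, `char`s or enums — the only types for which
/// `mem::zeroed()` followed by an arbitrary byte fill is defined behaviour.
/// Unsafe to implement: the `set_as_slice` impl below relies on this guarantee.
pub unsafe trait TriviallySlicable: Copy + 'static {}
// … one `unsafe impl TriviallySlicable for u8 {}` (and u16, u32, u64, i8, …) per integer type the runtime stores …

impl<T: TriviallySlicable> Slicable for T {
	// … unchanged: set_as_slice body (size, zeroed result, raw slice, fill_slice) …
```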
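Review bot: `from_slice` on the context line `Some(value[4..].to_vec())` panics whenever `value` is shorter than four bytes, and in a runtime decoding externally supplied block data a panic is a trap rather than a decode failure; it should return `None`, e.g. `value.get(4..).map(|rest| rest.to_vec())`. The four skipped bytes are presumably the prefix written by `to_vec` (its body lies outside the hunk), but nothing compares that prefix with the remaining length, so a truncated or padded encoding is accepted silently — if that is deliberate it deserves a comment, otherwise the prefix should be checked before the copy.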
@@ -200,7 +200,7 @@ impl Slicable for UncheckedTransaction {
 })
 }
- fn set_as_slice bool>(_fill_slice: F) -> Option {
+ fn set_as_slice bool>(_fill_slice: F) -> Option {
 unimplemented!();
 }
@@ -237,7 +237,7 @@ impl Slicable for Block {
 })
 }
- fn set_as_slice bool>(_fill_slice: F) -> Option {
+ fn set_as_slice bool>(_fill_slice: F) -> Option {
 unimplemented!();
 }
@@ -271,7 +271,7 @@ impl Slicable for Vec {
 Some(r)
 }
- fn set_as_slice bool>(_fill_slice: F) -> Option {
+ fn set_as_slice bool>(_fill_slice: F) -> Option {
 unimplemented!();
 }
diff --git a/substrate/wasm-runtime/polkadot/src/support/storable.rs b/substrate/wasm-runtime/polkadot/src/support/storable.rs
index 90807168e1..835e70ff3d 100644
--- a/substrate/wasm-runtime/polkadot/src/support/storable.rs
+++ b/substrate/wasm-runtime/polkadot/src/support/storable.rs
@@ -37,7 +37,7 @@ pub trait Storable {
 /// Remove `key` from storage.
 pub fn kill(key: &[u8]) { runtime_support::set_storage(&twox_128(key)[..], b""); }
-impl Storable for T {
+impl Storable for T {
 fn lookup(key: &[u8]) -> Option { Slicable::set_as_slice(|out| runtime_support::read_storage(&twox_128(key)[..], out) == out.len()) }
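Review bot: `lookup` (and `kill` just above it) select the storage slot with `twox_128(key)`, a non-cryptographic hash, so two distinct keys that collide under it alias the same entry; that is acceptable for a fixed set of compile-time keys but not if any part of `key` can be chosen by an external party, where a crafted collision would let one entry overwrite or shadow another. If keys can be externally influenced, derive the slot with a collision-resistant hash such as the `blake2_128` this same patch touches in hashing.rs (if it is reachable from the runtime); otherwise pin the assumption with `// twox_128 is not collision-resistant: keys must be runtime-chosen constants, never attacker-influenced.` Note also that `lookup` dispatches to `Slicable::set_as_slice`, which this patch leaves as `unimplemented!()` for `Header`, `Transaction`, `UncheckedTransaction`, `Block` and `Vec`, so unless the bounds on `impl Storable for T` (stripped in this rendering) exclude those types, looking one up panics. The `impl` block continues past the end of the hunk.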